High severity8.8NVD Advisory· Published Jul 31, 2021· Updated Jun 17, 2026
CVE-2020-26806
CVE-2020-26806
Description
admin/file.do in ObjectPlanet Opinio before 7.15 allows Unrestricted File Upload of executable JSP files, resulting in remote code execution, because filePath can have directory traversal and fileContent can be valid JSP code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ObjectPlanet/Opiniodescription
- Range: <7.15
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/163709/ObjectPlanet-Opinio-7.13-Shell-Upload.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.objectplanet.com/opinio/changelog.htmlnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.